216.73.216.215

CVE-2026-24824

· Published 27/01/2026 09:15 · Modified 27/01/2026 14:59

Labels: CVE-2026-24824 2026-01-27CVE-2026-24824CWE-79[email protected]

Essential information

Published
27/01/2026 09:15
Modified
27/01/2026 14:59
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java. This issue affects yacy_search_server.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
yacy / yacy search server cpe:2.3:a:yacy:yacy_search_server:*:*:*:*:*:*:*:*

References